Ransomware deletion methods and the canary in the coal mine
Introduction Ransomware is an emergent threat. Every week, there is a new and notable outbreak of this class of data encryption malware. From Ragnar Locker to Netwalker, the threats…
Categoria: Malware
The new maxtrilha trojan is being disseminated and targeting several banks
A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and…
Netwalker ransomware full analysis
Netwalker is a data encryption malware that represents an evolution of the well-known Kokoklock ransomware and has been active since September 2019. This article will detail the specific technical features of the Netwalker ransomware. We will analyze what Netwalker is, how it works, and how you can avoid falling victim to this threat.
Ragnar Locker – Malware analysis
Ragnar Locker is ransomware that affects devices running Microsoft Windows operating systems. It was initially observed towards the end of December 2019 as part of a series of attacks against compromised networks.
Secrets behind the Lazarus’s VHD ransomware
Data encryption malware is one of the most popular malware families in recent years and targets mass volumes of users and companies around the world. In this article, we will take a deep dive into a new VHD ransomware distributed in the wild by the Lazarus group — the criminals behind the WannaCry incident in 2017.
The clandestine Horus Eyes RAT: From the underground to criminals’ arsenal
The clandestine Horus Eyes RAT: From the underground to criminals’ arsenal.
Threat Report Portugal: Q2 2021
Threat Report Portugal Q2 2021: Phishing and malware by numbers.
Para quando o fim dos ciber-ataques?
Para quando o fim dos ciber-ataques? Conheça aqui a matemática dos incidentes em Portugal submetidos durante 2020 no 0xSI_f33d.
A taste of the latest release of QakBot
A taste of the latest release of QakBot – one of the most popular and mediatic trojan bankers active since 2007.
A new malware dropper identified in 9 android apps on PlayStore
New malware dropper identified in 9 android apps on PlayStore.
Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware
Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware.
Lampion trojan disseminated in Portugal using COVID-19 template
The fresh release of the Latin American Lampion trojan was updated with a new C2 address. Lampion trojan disseminated in Portugal using COVID-19 template.
New cryptojacking malware called Pro-Ocean is now attacking Apache, Oracle and Redis servers
New cryptojacking malware called Pro-Ocean is now attacking Apache, Oracle and Redis servers.
Operação organizada a nível global derruba botnet do Emotet
Operação organizada a nível global derruba botnet do Emotet.